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REMARKS 

The Non-final Office Action, mailed June 20, 2008, considered claims 1-13, 21-30, 32 
and 33. Claim 7 was rejected under 35 U.S.C. § 112, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant regards as 
the invention. Claims 21-30, 32 and 33 were rejected under 35 U.S.C. § 102(b), as being 
anticipated by Traw et al., U.S. Patent No. 6,542,610 (filed Aug. 11, 1997) (hereinafter Traw). 
Claims 1-13 were rejected under 35 U.S.C. § 103(a) as being unpatentable over Traw, in view of 
Benoit, U.S. Patent No. 6,820,814 (filed Feb. 7, 2000) (hereinafter Benoit). 1 

By this response, claims 1, 8, 21, and 26 are amended such that claims 1-13, 21-30, and 
32-33 remain pending. 2 Claims 1, 8, 21, 26, 32, and 33 are independent claims which remain at 
issue. Support for the amendments may be found within Specification ffl 36 and 74-80. 3 

As reflected in the claims, the present invention is directed generally toward methods, 
systems, and computer program products for requesting and providing proof that a system is 
appropriately configured to access a resource. Claim 1 recites, for instance, in combination with 
all the elements of the claim, a method which includes receiving a challenge including 
information indicating how a system is to prove it is appropriately configured to access a 
resource where the information includes at least the identity of a region within a portion of 
executable instructions at the requesting computing system computed from a first random value 
and a second random value and which are used to determine a measurable aspect of a 
configuration. The method also includes formulating proof based upon a measurable aspect of 
the system's configuration that the system's configuration is appropriate for accessing a 
resource. Finally, the method includes submitting an assertion that can be used to verify that the 
system is appropriately configured to access the resource. 



1 Although the prior art status of the cited art is not being challenged at this time, Applicants reserve the 
right to challenge the prior art status of the cited art at any appropriate time, should it arise. Accordingly, any 
arguments and amendments made herein should not be construed as acquiescing to any prior art status of the cited 
art. 

~ The amendments and remarks presented herein are consistent with the information presented by telephone 
by patent attorney John Bacoch (reg. no. 59,890) and attorney Thomas Bonacci. 

However, it should be noted that the present invention and claims as recited take support from the entire 
Specification. As such, no particular part of the Specification should be considered separately from the entirety of 
the Specification. 
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Claim 8 is a method similar to that of claim 1 but is recited from the perspective of a 
providing system as opposed to the perspective of a requesting system as in claim 1. 

Claim 21 recites, in combination with all the elements of the claim, a method of 
authorizing a requester to interact with a provider which includes receiving a configuration 
challenge from the provider which includes information indicating how the requester is to prove 
that it is appropriately configured to interact with the provider. Proof is formulated based upon a 
measurable aspect of the requester's configuration that the configuration is appropriate for 
accessing a resource where the measurable aspect includes at least a region within a portion of 
executable instruction and comprising byte values for at least some of the executable instructions 
s. Proof of the values of one or more measurable aspects of the requester are sent to the 
provider. Finally, a token that can be used to prove that the requester is appropriately configured 
is received. Claim 32 is a computer program product embodiment of the method of claim 21. 

Claim 26 recites, in combination with all the elements of the claim, a method similar to 
the method of claim 21 but which is recited from the perspective of the provider (system) as 
compared to the requestor. 

Claim 33 recites a computer program product embodiment of the method of claim 26. 

Claim rejections under 35 U.S.C. § 102: 

Independent claims 21, 26, 32, and 33 were rejected under 35 U.S.C. § 102 as being 
anticipated by Traw. 4 The Applicants respectfully traverse the rejections. 

In particular, as to claim 21, the Office asserted that Traw col. 5 1. 1-10 teaches 
"formulating proof, based on a measurable aspect of the requester's configuration, that the 
measurable aspect of the requesting computing system's configuration is appropriate for 
accessing a resource the measurable aspect comprising at least a region within a portion of 
executable instructions." The very same portion of Traw had been asserted in the previous 
Office Action of teaching the then unamended limitation "formulating proof, based on a 
measurable aspect of the requester's configuration, that the measurable aspect of the requesting 
computing system's configuration is appropriate for accessing a resource" where there was no 



4 Office Comm. p. 3. 



Page 13 of 18 



Application No. 10/827,082 

Amendment "D" dated September 20, 2008 

Reply to Non-Final Office Action mailed June 20, 2008 

limitation concerning the measurable aspect comprising at least a region within a portion of 
executable instructions. 5 The cited portion of Traw (col. 5 1. 1-10) reads: 

"... In order to ensure interoperability, all compliant devices and applications 
should support the Baseline Cipher. Device certificates typically contain a 
description of the ciphers that are supported by a device. In alternative 
embodiments, device certificates specify that the pair of devices being 
authenticated support variable key length ciphers. In such a case, a key length can 
be specified along with the type of cipher to be used." 6 
The Applicants submit that the cited portion of Traw fails to teach the limitation added by 
amendment in the previous response which requires "the measurable aspect comprising at least 
a region within a portion of executable instructions." The same portion of Traw was cited for 
teaching the previously unamended limitation and for teaching the now-amended limitation 
which requires the measurable aspect to comprise at least a region within a portion of executable 
instructions but, the Applicants submit, Traw fails to disclose any teaching of a portion of 
executable instructions. 

In its rejection of independent claim 26, the Office cited Traw col. 7 1. 6-16 for teaching 
the related limitation "receiving proof of the values of one or more measurable aspects of the 
requester's configuration the one or more measurable aspects comprising at least a region 
within a portion of executable instructions:' Similarly to the rejection of claim 21, the same 
portion of Traw had been cited in the previous Office Action for teaching the previously 
unamended limitation of "receiving proof of the values of one or more measurable aspects of the 
requester's configuration" where there was no mention of the measurable aspects comprising at 
least a region within a portion of executable instructions. 7 In the rejection of claim 26, the 
portion of Traw cited for this limitation (col. 7 1. 6-16) reads: 

"In an illustrative embodiment of the present invention, the devices exchange 
challenges, perhaps random challenges (A c , B c ) and device certificates (A cert , 
B C ert). Both devices respond by encrypting (with key S u ) and then hashing the 
other device's challenge. Upon receiving the response to the challenge, each 

5 See Office Communication p. 7 (paper no. 20071218, mailed Dec. 26, 2007) (hereinafter Dec. 2007 
Office Action). 

6 Traw col. 5 1. 1-10. 

7 Dec. 2007 Office Action p. 8. 



Page 14 of 18 



Application No. 10/827,082 

Amendment "D" dated September 20, 2008 

Reply to Non-Final Office Action mailed June 20, 2008 

device verifies that the appropriate response has been received. If the expected 
value is not returned, a security threat has been detected and the system will not 
be permitted to exchange protected content. If the random challenge is successful, 
a shared control channel key (Kprecontroi) is computed by the devices." 8 
The Applicants submit that the cited portion of Traw fails to teach the asserted limitation of the 
one or more measurable aspects comprising at least a region within a portion of executable 
instructions. There is no mention or suggestion, explicitly or otherwise, of a measurable aspect 
comprising any portion of executable instructions. 

The Applicants respectfully note that similar and related limitations had been introduced 
by amendment to both claims 21 and 26 but the rejections of the amended claims cited only the 
portions of Traw which had been previously cited in the previous Office Action. 9 The 
Applicants respectfully submit that neither Traw col. 5 1. 1-10, cited for claim 21, nor Traw col. 
7 1. 6-16, cited for claim 26, teaches the required limitation of the one or more measurable 
aspects comprising at least a region within a portion of executable instructions. 

Further, in its discussion of a related limitation in claims 1 and 8, the Office concedes in 
this Office Action that Traw fails to disclose the challenge including "information comprising at 
least the identity of a region within a portion of instructions at the requesting computing system 
computed from a first random value and a second random value." 10 The Applicants agree with 
this assessment of Traw and submit that Traw also fails to teach the related limitation of the one 
or more measurable aspects comprising at least a region within a portion of executable 
instructions. 

For at least the distinctions noted above, the Applicants submit that Traw fails to teach 
each and every element of independent claims 21 and 26 as they had been presented and 
therefore a rejection under 35 U.S.C. § 102 would be improper and should be withdrawn. As 
claims 32 and 33 recite computer program product embodiments of claims 21 and 26, 
respectively, the Applicants also submit that rejections under 35 U.S.C. § 102 would be improper 
and should be withdrawn. Accordingly, the Applicants respectfully request favorable 
reconsideration of each of independent claims 21, 26, 32, and 33. 



8 Traw col. 7 1. 6-16 

9 See Dec. 2007 Office Action p. 8 

10 Office Comm. p. 7. 
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The noted distinctions notwithstanding, the Applicants have further amended claims 21 
and 26 to more particularly emphasize the measurable aspect comprising a portion of executable 
code. The Applicants respectfully request the Office to carefully reconsider the current 
amendments along with the preceding discussion. 

Claim rejections under 35 U.S.C. § 103: 

Independent claims 1 and 8 were rejected under 35 U.S.C. § lOe as being unpatentable in 
view of Traw and Benoit. 11 The Applicants respectfully disagree and respectfully traverse the 
rejections. 

As to both claims 1 and 8, the Office concedes that Traw fails to teach or suggest the 
challenge including information comprising at least the identity of a region within a portion of 
instructions at the requesting computing system computed from a first random value and a 
second random value. 12 However, in asserting this limitation is taught by Benoit, the Office 
asserts that Benoit col. 5 1. 20-34 "discloses a cipher system which utilizing (sic) a first and 
second random value to identify a particular output data from input data." The cited portion of 
Benoit reads: 

"As characterised, the invention therefore relates to a countermeasure method in 
an electronic component implementing a secret key cryptographic algorithm, the 
implementation of which comprises a number of successive calculation cycles in 
order to supply, from first input data applied to the first cycle, final data at the 
output of the last cycle allowing the production of an encrypted message, each 
calculation cycle using calculation means for supplying an output data item from 
an input data item, said calculation means comprising the application of a first 
random value (u) in order to obtain at the output an unpredictable data item, 
characterised in that the method comprises the use of means of applying a second 
random value to said first input data, according to an EXCLUSIVE OR 
operation." 13 



11 Office Comm. p. 6. 

12 Office Comm. p. 7. 

13 Benoit col. 5 1. 20-34. 
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Firstly, the Applicants respectfully submit that the Office's characterization of Benoit, "utilizing 
a first and second random value to identify a particular output data from input data" does not 
teach or suggest the limitation requiring the challenge [to include] information comprising at 
least the identity of a region within a portion of instructions at the requesting computing system 
computed from a first random value and a second random value. Although Benoit mentions 
"input data" and a "first random value" and a "second random value," Benoit is silent as to and 
fails to teach information comprising at least the identity of a region within a portion of 
instructions at the requesting computing system. 

For at least the distinctions noted above, the Applicants submit that Traw and Benoit fail 
to teach or suggest all the limitations of independent claims 1 and 8 as they had been previously 
presented. Accordingly a rejection under 35 U.S.C. § 103 would be improper and should be 
withdrawn. Correspondingly, the Applicants respectfully request favorable reconsideration of 
each of independent claims 1 and 8. 

The noted distinctions notwithstanding, the Applicants have further amended claims 1 
and 8 to more particularly emphasize the measurable aspect comprising a portion of executable 
code. The Applicants respectfully request the Office to carefully reconsider the current 
amendments along with the preceding discussion. 

In view of the foregoing, Applicants respectfully submit that the other rejections to the 
claims are now moot and do not, therefore, need to be addressed individually at this time. It will 
be appreciated, however, that this should not be construed as Applicants acquiescing to any of 
the purported teachings or assertions made in the last action regarding the cited art or the pending 
application, including any official notice. Instead, Applicants reserve the right to challenge any 
of the purported teachings or assertions made in the last action at any appropriate time in the 
future, should the need arise. Furthermore, to the extent that the Examiner has relied on any 
Official Notice, explicitly or implicitly, Applicants specifically request that the Examiner 
provide references supporting the teachings officially noticed, as well as the required motivation 
or suggestion to combine the relied upon notice with the other art of record. 
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In the event that the Examiner finds remaining impediment to a prompt allowance of this 
application that may be clarified through a telephone interview, the Examiner is requested to 
contact the undersigned attorney at 801-533-9800. 

Dated this 20 th day of September, 2008. 



Respectfully submitted, 




RICKD. NYDEGGER 
Registration No. 28,651 
JENS C. JENKINS 



Registration No. 44,803 
Attorneys for Applicant 
Customer No. 47973 
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